Use PowerShell Scripts for Restricted SharePoint Search
Important
Restricted SharePoint Search is designed for customers of Copilot for Microsoft 365. Visit here and the overview of Restricted SharePoint Search for more information.
By default, Restricted SharePoint Search isn't enabled. To enable and set up Restricted SharePoint Search, you need to have Global and SharePoint admin roles. Depending on the scenario, some actions you need to take are:
Get the current mode that is set for Restricted Search
Enable and disable restricted SharePoint search
Add sites to the allowed list by providing URL
Remove sites from the allowed list by providing URL
Get the existing list of URLs that are added in allow list
This article covers how to use admin scripts in PowerShell for these actions.
Before you start
You must be a SharePoint Online or global administrator to run the following admin scripts. Before you use the PowerShell scripts in this article, you need to do the following:
If you haven’t, download the latest SharePoint Online Management Shell.
Note
If you installed a previous version of the SharePoint Online Management Shell, go to Add or remove programs and uninstall "SharePoint Online Management Shell."
Connect to SharePoint as a Global Administrator or SharePoint Administrator in Microsoft 365. To learn how, see Getting started with SharePoint Online Management Shell.
Get the current mode that is set for Restricted Search
Restricted SharePoint Search is disabled by default. To verify this feature’s current mode, you can run the following script:
Get-SPOTenantRestrictedSearchMode
Module: Microsoft.Online.SharePoint.PowerShell
Applies to: SharePoint Online
Syntax
Get-SPOTenantRestrictedSearchMode
Example
Get-SPOTenantRestrictedSearchMode
This example lets the admin get the existing allowed list in the tenant. Result can be ‘Enabled’ or ‘Disabled’ based on the current setting.
Enable or disable the Restricted Search setting
Enable or disabled the Restricted Search setting with the default being disabled. The first time when the setting is enabled the allow list is empty. To enable or disable the Restricted SharePoint Search, you can run:
Set-SPOTenantRestrictedSearchMode
Module: Microsoft.Online.SharePoint.PowerShell
Applies to: SharePoint Online
Syntax
Set-SPOTenantRestrictedSearchMode
[-Mode] {Disabled | Enabled}
[<CommonParameters>]
Example 1
Set-SPOTenantRestrictedSearchMode -Mode Enabled
Example 1 sets or enables the Restricted Tenant Search mode for the tenant.
Example 2
Set-SPOTenantRestrictedSearchMode – Mode Disabled
Example 2 disables the Restricted Tenant Search mode for the tenant.
Parameters
-Mode
Sets the mode for the Restricted Tenant Search.
| Type | String |
|---|---|
| Position: | 0 |
| Default Value: | Disabled |
| Required: | True |
| Accept Pipeline input: | False |
| Accept wildcard characters: | False |
Add sites to the allowed list
When Restricted SharePoint Search is enabled, you can add site URLs to the allowed list in string or csv file:
Add-SPOTenantRestrictedSearchAllowedList
Module: Microsoft.Online.SharePoint.PowerShell
Applies to: SharePoint Online
Syntax
Add-SPOTenantRestrictedSearchAllowedList -SitesList <List[string]> [<CommonParameters>]
Add-SPOTenantRestrictedSearchAllowedList -SitesListFileUrl <string> [-ContainsHeader <bool>]
[<CommonParameters>]
Example 1
Add-SPOTenantRestrictedSearchAllowedList -SitesList @(“[https://contoso.sharepoint.com/sites/Marketing](https://contoso.sharepoint.com/sites/Marketing)”, “[https://contoso.sharepoint.com/sites/Benefits](https://contoso.sharepoint.com/sites/Benefits)”)
This example lets the admin add the sites to the allowed list.
Example 2
Add-SPOTenantRestrictedSearchAllowedList -SitesListFileUrl C:\Users\admin\Downloads\UrlList.csv
This example lets the admin add the sites to the allowed list by giving a CSV file. Add the list of site URLs in URL column.
Parameters
-SitesList
Site list for allowed list.
| Type | String |
|---|---|
| Position: | 0 |
| Default Value: | None |
| Required: | True |
| Accept Pipeline input: | False |
| Accept wildcard characters: | False |
-SitesListFileURL
File that has list of sites URLs that can be added to an allowed list when the tenant is set to Restricted Tenant Search Mode.
| Type | String |
|---|---|
| Position: | 0 |
| Default Value: | None |
| Required: | True |
| Accept Pipeline input: | False |
| Accept wildcard characters: | False |
Remove sites from the allow list
You can remove sites from the allowed list by providing the Site URL in string or csv file using PowerShell script:
Remove-SPOTenantRestrictedSearchAllowedList
Module: Microsoft.Online.SharePoint.PowerShell
Applies to: SharePoint Online
Syntax
Remove-SPOTenantRestrictedSearchAllowedList -SitesList <List[string]> [<CommonParameters>]
Remove-SPOTenantRestrictedSearchAllowedList -SitesListFileUrl <string> [-ContainsHeader <bool>]
[<CommonParameters>]
Example 1
Remove-SPOTenantRestrictedSearchAllowedList -SitesList @(“[https://contoso.sharepoint.com/sites/Marketing](https://contoso.sharepoint.com/sites/Marketing)”, “[https://contoso.sharepoint.com/sites/HR](https://contoso.sharepoint.com/sites/HR)”)
Example 1 lets the admin remove the sites to the allowed list.
Example 2
Remove-SPOTenantRestrictedSearchAllowedList -SitesListFileUrl C:\Users\admin\Downloads\UrlList.csv
Example 2 lets the admin add the sites to the allowed list by giving a CSV file.
Parameters
-SitesList
Site list that will be removed from allowed list.
| Type | String |
|---|---|
| Position: | 0 |
| Default Value: | None |
| Required: | True |
| Accept Pipeline input: | False |
| Accept wildcard characters: | False |
-SitesListFileURL
File that has list of sites that can be removed from an allowed list when the tenant is set to Restricted Tenant Search Mode.
| Type | String |
|---|---|
| Position: | 0 |
| Default Value: | None |
| Required: | True |
| Accept Pipeline input: | False |
| Accept wildcard characters: | False |
Get the existing list of URLs in the allowed list
You can get the existing list of URLs in the allowed list by running the following PowerShell script:
Get-SPOTenantRestrictedSearchAllowedList
Module: Microsoft.Online.SharePoint.PowerShell
Applies to: SharePoint Online
Syntax
Get-SPOTenantRestrictedSearchAllowedList
```
**Example**
```powershell
Get-SPOTenantRestrictedSearchAllowedList
This example lets the admin get the existing allowed list in the tenant.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for